Yahoo Inc. investigating possible massive security breach

Yahoo Inc. says it's investigating what could be a massive data breach of more than 453,000 Yahoo user login
credentials after claims by a hacker group calling itself D33D Company that they had broken into a Yahoo server, stolen them and dumped them.

The Associated Press early today reported Yahoo's head of United Kingdom consumer press relations Caroline
MacLeod-Smith as saying the company is looking into "claims" of a compromise of Yahoo user IDs but would not say
more about the possibility of the massive data breach. The group D33D Company is claiming to have stolen them by
means of a SQL injection attack, a common type of assault against vulnerable Web servers.

The alleged Yahoo passwords today were being spread about the Internet by others, with some analyzing them for content. The group claiming responsibility for the attack
on Yahoo is quoted as saying they hope it will be a "wake-up call" for better security.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and
technology trends related to information security.